EC-Council 312-50 Exam Practice Questions (P. 1)
- Full Access (614 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #1
Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?
- AFast processor to help with network traffic analysis
- BThey must be dual-homed
- CSimilar RAM requirements
- DFast network interface cards
Correct Answer:
B
Dual-homed or dual-homing can refer to either an Ethernet device that has more than one network interface, for redundancy purposes, or in firewall technology, dual-homed is one of the firewall architectures, such as an IDS/IPS system, for implementing preventive security.
References: https://en.wikipedia.org/wiki/Dual-homed
B
Dual-homed or dual-homing can refer to either an Ethernet device that has more than one network interface, for redundancy purposes, or in firewall technology, dual-homed is one of the firewall architectures, such as an IDS/IPS system, for implementing preventive security.
References: https://en.wikipedia.org/wiki/Dual-homed
send
light_mode
delete
Question #2
Which of the following is an application that requires a host application for replication?
- AMicro
- BWorm
- CTrojan
- DVirus
Correct Answer:
D
Computer viruses infect a variety of different subsystems on their hosts. A computer virus is a malware that, when executed, replicates by reproducing it self or infecting other programs by modifying them. Infecting computer programs can include as well, data files, or the boot sector of the hard drive. When this replication succeeds, the affected areas are then said to be "infected".
References: https://en.wikipedia.org/wiki/Computer_virus
D
Computer viruses infect a variety of different subsystems on their hosts. A computer virus is a malware that, when executed, replicates by reproducing it self or infecting other programs by modifying them. Infecting computer programs can include as well, data files, or the boot sector of the hard drive. When this replication succeeds, the affected areas are then said to be "infected".
References: https://en.wikipedia.org/wiki/Computer_virus
send
light_mode
delete
Question #3
A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst use to perform a Blackjacking attack?
- AParos Proxy
- BBBProxy
- CBBCrack
- DBlooover
Correct Answer:
B
Blackberry users warned of hacking tool threat.
Users have been warned that the security of Blackberry wireless e-mail devices is at risk due to the availability this week of a new hacking tool. Secure Computing
Corporation said businesses that have installed Blackberry servers behind their gateway security devices could be vulnerable to a hacking attack from a tool call
BBProxy.
References: http://www.computerweekly.com/news/2240062112/Technology-news-in-brief
B
Blackberry users warned of hacking tool threat.
Users have been warned that the security of Blackberry wireless e-mail devices is at risk due to the availability this week of a new hacking tool. Secure Computing
Corporation said businesses that have installed Blackberry servers behind their gateway security devices could be vulnerable to a hacking attack from a tool call
BBProxy.
References: http://www.computerweekly.com/news/2240062112/Technology-news-in-brief
send
light_mode
delete
Question #4
Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?
- ARestore a random file.
- BPerform a full restore.
- CRead the first 512 bytes of the tape.
- DRead the last 512 bytes of the tape.
Correct Answer:
B
A full restore is required.
B
A full restore is required.
send
light_mode
delete
Question #5
Which of the following describes the characteristics of a Boot Sector Virus?
- AMoves the MBR to another location on the RAM and copies itself to the original location of the MBR
- BMoves the MBR to another location on the hard disk and copies itself to the original location of the MBR
- CModifies directory table entries so that directory entries point to the virus code instead of the actual program
- DOverwrites the original MBR and only executes the new virus code
Correct Answer:
B
A boot sector virus is a computer virus that infects a storage device's master boot record (MBR). The virus moves the boot sector to another location on the hard drive.
References: https://www.techopedia.com/definition/26655/boot-sector-virus
B
A boot sector virus is a computer virus that infects a storage device's master boot record (MBR). The virus moves the boot sector to another location on the hard drive.
References: https://www.techopedia.com/definition/26655/boot-sector-virus
send
light_mode
delete
Question #6
Which statement is TRUE regarding network firewalls preventing Web Application attacks?
- ANetwork firewalls can prevent attacks because they can detect malicious HTTP traffic.
- BNetwork firewalls cannot prevent attacks because ports 80 and 443 must be opened.
- CNetwork firewalls can prevent attacks if they are properly configured.
- DNetwork firewalls cannot prevent attacks because they are too complex to configure.
Correct Answer:
B
Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established rule set. To prevent Web Application attacks an Application layer firewall would be required.
References: https://en.wikipedia.org/wiki/Firewall_(computing)#Network_layer_or_packet_filters
B
Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established rule set. To prevent Web Application attacks an Application layer firewall would be required.
References: https://en.wikipedia.org/wiki/Firewall_(computing)#Network_layer_or_packet_filters
send
light_mode
delete
Question #7
Which of the following programs is usually targeted at Microsoft Office products?
- APolymorphic virus
- BMultipart virus
- CMacro virus
- DStealth virus
Correct Answer:
C
A macro virus is a virus that is written in a macro language: a programming language which is embedded inside a software application (e.g., word processors and spreadsheet applications). Some applications, such as Microsoft Office, allow macro programs to be embedded in documents such that the macros are run automatically when the document is opened, and this provides a distinct mechanism by which malicious computer instructions can spread.
References: https://en.wikipedia.org/wiki/Macro_virus
C
A macro virus is a virus that is written in a macro language: a programming language which is embedded inside a software application (e.g., word processors and spreadsheet applications). Some applications, such as Microsoft Office, allow macro programs to be embedded in documents such that the macros are run automatically when the document is opened, and this provides a distinct mechanism by which malicious computer instructions can spread.
References: https://en.wikipedia.org/wiki/Macro_virus
send
light_mode
delete
Question #8
Bluetooth uses which digital modulation technique to exchange information between paired devices?
- APSK (phase-shift keying)
- BFSK (frequency-shift keying)
- CASK (amplitude-shift keying)
- DQAM (quadrature amplitude modulation)
Correct Answer:
A
Phase shift keying is the form of Bluetooth modulation used to enable the higher data rates achievable with Bluetooth 2 EDR (Enhanced Data Rate). Two forms of
PSK are used: /4 DQPSK, and 8DPSK.
References: http://www.radio-electronics.com/info/wireless/bluetooth/radio-interface-modulation.php
A
Phase shift keying is the form of Bluetooth modulation used to enable the higher data rates achievable with Bluetooth 2 EDR (Enhanced Data Rate). Two forms of
PSK are used: /4 DQPSK, and 8DPSK.
References: http://www.radio-electronics.com/info/wireless/bluetooth/radio-interface-modulation.php
send
light_mode
delete
Question #9
In order to show improvement of security over time, what must be developed?
- AReports
- BTesting tools
- CMetrics
- DTaxonomy of vulnerabilities
Correct Answer:
C
Today, management demands metrics to get a clearer view of security.
Metrics that measure participation, effectiveness, and window of exposure, however, offer information the organization can use to make plans and improve programs.
References: http://www.infoworld.com/article/2974642/security/4-security-metrics-that-matter.html
C
Today, management demands metrics to get a clearer view of security.
Metrics that measure participation, effectiveness, and window of exposure, however, offer information the organization can use to make plans and improve programs.
References: http://www.infoworld.com/article/2974642/security/4-security-metrics-that-matter.html
send
light_mode
delete
Question #10
Passive reconnaissance involves collecting information through which of the following?
- ASocial engineering
- BNetwork traffic sniffing
- CMan in the middle attacks
- DPublicly accessible sourcesMost Voted
Correct Answer:
D
D
send
light_mode
delete
All Pages